You just spent hours making your website look super clean and professional, filled with great information about you and your company, all of which will help in building your brand and showcase your credibility. This could include information about your employees, your high profile clients, and so much more.
Not so fast though, sharing this valuable information online could do more harm than good. While it may make your brand look more personable and bring in potential future sales, it could also be giving cybercriminals a way into breaching your company data.
Take a look at SolarWinds, a top-tier software development company based in the US that claims to have over 300,000+ clients globally, many of which are high profile businesses. SolarWinds suffered a massive breach recently which greatly affected companies such as FireEye, Microsoft, and even the US Government.
There are a number of factors that led to this breach, however, one thing that stands out is SolarWinds’ website which showcased their top clients. While this gave the company visibility and praise, it ultimately contributed to their recent breach. If you check their website now, their client information is no longer displayed.
Practically any valuable information can and will be used by cybercriminals to find vulnerabilities in your attack surface. They will look to your website, social media, and any other information about you or your company that is out publicly.
One common way is through your company’s ‘about us’ page where employees are often listed with their positions in the company alongside their contact information. By having access to this information, cybercriminals could send malicious email spoofs to your clients or other employees luring them to clicking malicious links or downloading suspicious attachments.
By doing this simple step of not oversharing your private information online, you could be saving your company from a breach.
Remember, once you experience a breach: